Overview

overview

4

Static

static

3

3bd6f9da6e...18.exe

windows7-x64

4

3bd6f9da6e...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 03:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3bd6f9da6e5df99013f10ae664e44bc3_JaffaCakes118.exe

  • Size

    39KB

  • MD5

    3bd6f9da6e5df99013f10ae664e44bc3

  • SHA1

    f6a839b7acdd7f99e5f130945dfee26a91a7f528

  • SHA256

    2f65b162841ec416052d2a525ace6defedde4572c7208fdb69e54431fa92e2d9

  • SHA512

    ab11d576d2db4f4d80811d8dc1c438038180d6d63ed2e8aa81cd0d2ad78297d20157912e4ebee9e0d2b4755c6c34be419aa046977d7bc05eaf8ab002d323869a

  • SSDEEP

    768:6pdb5pKFnJprCGMCDscKJYE+aC3E+ruoC7RR7GVWJGLdd65:6btpKJnCGM8KJYEcU+wD7GBhq

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 45 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3bd6f9da6e5df99013f10ae664e44bc3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3bd6f9da6e5df99013f10ae664e44bc3_JaffaCakes118.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2512
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:865284 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c756ab15943305ac8d0932445f0a0be6

    SHA1

    92ae3a22f128a71777b0c871160dc83b0e3e6361

    SHA256

    628f60922e6619c9944c0225b408a639e841cf51cfbee5be0e0c4cd196e202bb

    SHA512

    3ecafc09405beb3afd62e698fffacab78bbca6e5292b56391ede49988990f8c85e04616819f92d1afd5cebbb2bd760de769e2a6eab951b0217c56d6ae34721ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b15838c1d6fa048ace7a778e6b4b2ef6

    SHA1

    455c5640278d4097fc40b5981034775e11b6bc91

    SHA256

    4ddf623c61dcc4d48521f0d2a77fa1c222e27ef88c20175925691f356817d029

    SHA512

    801bd70b98582494cdd0bdbf165b5adc1be3e43780f00148ea3faee59e93210527b68b62f7282563a6fa6311f90bd09307b39b982247c8526fea71a2faa2887f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78ca99c4c6876bc3bd80c9aab5aacd46

    SHA1

    138f4cb86f2d1ce5df0cf936efc22266c6f4c871

    SHA256

    1ef06d7f05bcaec3af62d586b92c3941a6cc8fd699c6a6f9d4748a37709ca084

    SHA512

    efc69bc8b8ce7c2bbca13d4b39078d8eebf9218ab9e70cfc1b803e1fc813b95e38457dd7325b0a358cbb9ddfa14701a05f74d9066470611061b4dea6161c6411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6087ff90b2ca851233c9f5f494f83120

    SHA1

    1d57053d65b0414dc9b95012923f51551afa2988

    SHA256

    54d3a96445082e68eb632103ac26c3b7b30855ad7107fc27d469e9fcc8ada91c

    SHA512

    4adfbc39d16100ca8fbf420f42ce0267b300ccf68b54e19400315476bdfd6884e76d6ed5be2267297c68806e29c68c7eeb4725059c8a7d45b4e0c4ea83e1b6d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7340aca62a95f027bfecf69fa2c3575c

    SHA1

    8783ade048d3af03d83b26de0811694f2985474b

    SHA256

    9e9b54820fedf737407f52b17325fa6c7d92e6dbeb9cf4d5e0af78d16eabf042

    SHA512

    99feefce031bea9edb3e43390bc56a5d2e8ef63159b2c1c24c8d56532d7d445161bf1127232c6a3ae37e635fb71cea087ddecc51a3908240de18cf7332c7a456

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85d9c0c07ac8f97287bfea83623090e8

    SHA1

    f12d8e6694f47930e17fceff9a1f919cf3154787

    SHA256

    15b0bd7db6899a2ad73f29e655e3b74aa45ae9dd12613717d9999d6d03570885

    SHA512

    ac20719af0d091e21f6e89f7b092e5a8c8489028bd6edf902e628b3aa281a0b7c3c79a919322bd10d3390f73e043f3127743a25bac922930614f6d7092f408e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    804c2f53d7d0486a3c48ca39f80830b1

    SHA1

    d6b192b6c865951de9a81a4a0dc87e3df56573aa

    SHA256

    6fcb4c882496475b948addaeba5274c82529fd16b8f31505233289611462fb42

    SHA512

    3b13418b6e8cd1e5523ad281834094b9a33e28e0f402b858f05345008dcbc190976bd89bc994431412a8fc6831de191179118a544f494cb76de9a58ffa13effe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1db3fd61566dd8d346b52902c5886b3

    SHA1

    784d3c37cc32764d5a0e90e23bd51b825260f269

    SHA256

    d9a6fb8a13df238e3d837c068a390624c0c29e236c62395d28185d70208ac02d

    SHA512

    40b7136a2318c2fdc2dfac26501cbdda0c982a42e8e6721139807b992280440df297cbfb31aeeff03957a030b6c68728a7b9925649e5e037bff543ecdacbaadd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fb6f5e5202a7cebbc47644b49bb0e55

    SHA1

    ebe890df060b865a7f2b60ad4556a166594ee65b

    SHA256

    89991468e2bd8ded84f5ec9737aef483f25e5f1e3cb695d4a0836a23ecad3425

    SHA512

    d9417d7e3cc0f078d98ab74d94374814f22e404035a0d80ccdc141069dd8902e443bf791dffa75a05e8ca2fa56ea27f8bfc84466e5c4fe45017c0ccebd044cdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78bbd1cf19cd085fdc2d8bc8e3ebee0b

    SHA1

    663f4471b48d70d9f1eab471f2e9a1c5be51c337

    SHA256

    330fdd6e0afc2a325608c85ebd72ae34ced8a084edba358edef544c74d36e2a5

    SHA512

    d2a41ae068cc896aef059b04afa44e58a173e448b86b4d3bec28a27be57a2accc9c40cf96d91f1b02cbcdd9b1b6ca53cd1890a208486ff2d32e10d3dfaad022b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8aa75d7fb344da48602734b20e0ca198

    SHA1

    53c3b2b59a710ffa9c8a5cb562d8d01677f7174c

    SHA256

    87577f746b54d24feaddde34c2dbb8f2ee889d3783ff6999db765be4740730cf

    SHA512

    834aded9e00a9d4cd495970ef86dccde1d15d371bacddac7ebd7ef68b52a4760641c6fc843117aa67bd75c40a67e53a567d9fab8e15d17281d395dda6d5d0fa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bf6f1e709107cbb9c4d8cdd9e323717

    SHA1

    1b65a63defad6147fad485da2bf4fbe9f359b538

    SHA256

    c2b72a8ca5ffa54e4d6c07274c115671347a10388b4ed92374a4772aad4e37f2

    SHA512

    ecbd95da864475e11e9829ffac973db0045172eb836db222e770c4af689c936b4c85d2f8375548cc8b6fe4a0f731ef2f0802a4917fed40db33a252b870b6406b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7552bd0e2e00e35fce905097a27abca

    SHA1

    7fd354c5dfd27ae4b0b76372131da04e74c22c28

    SHA256

    c991be20adf6f93c21a280853ecfac2e431c02e9045c94590ed9d5dad193556e

    SHA512

    9d6fb3c752077abbe6fd2e6316a7a7f32f874429cd2846a06225cdb1346d4b94d6d821f7d0b6196c3658e7da661edaf139d87a2b0b7f40edb40363ef3214d058

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5a4be5f9484a338e833a035efccad86

    SHA1

    71805da29cfed31079149c4b06f47debfa81b57a

    SHA256

    520fc9cc1940a27e0a6c961498e099c09588122b28c715f9abcc371d275eaa8e

    SHA512

    d1b87adb2e3b12ef73ed0e7b439bd6aaa124ebc93dee994db291942fc73ce10b336d735588ef04cbeb87ede7c99671e3326b6800cf9b8886d49e6992340d22aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c55f6ebedeea3660d9230d58e614d906

    SHA1

    c5a8a098c4b5e0b8313a50b110fabdf49264057e

    SHA256

    5fee38d8226bae78899ab47fd1fed8894cc220000f8975fa90b389e39fae7384

    SHA512

    0fa85bbe6294c1425841a218f73bb64604c0b14fb195782eef7d88b4c19bc8e976b5b28ea6b6d2d0ae22623cfa6124955f027b33c5c376aa4a9705ca97b247ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32762caf9f1683ab57089d9e1614c534

    SHA1

    cf74014cdf5d15c73c505c58e277b60f05607ca4

    SHA256

    1b678eb29d1ffb68ddfcf457cdfb209237cbee03cc756c19441ce38c09303053

    SHA512

    6ac4efff96924b4fbe5013a851dac6e1c07cd747d40122d342db414b9679569c0a42db9db75ad41f601ab27be0018801f3fd2ebc6104dbbdbf27818a665611d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0c27765877a41ec2dea0c4cbe9db5c3

    SHA1

    799cb6f9b0b57ce7771220f326b77164f38cac7a

    SHA256

    e9e0af2c802681056f610fec37a38be6b7631121cf5ad5123ba57fd1fe4296ae

    SHA512

    4c48f011ed9f40eeb9207952180aae60de99873d6b40157e78d7f410905cfb3e80f6839ed9961633816597757031adea53b8d8b5b8b2ecac23387c427c564bba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75c55f12d77c0f95f6cef8316d2e6cdc

    SHA1

    4daedd7218288b05f380ff6c62dcdd538c875a19

    SHA256

    8d01b565c69e849c53c911c0ae19953d59a36f678f08667405ed1feb6dd19463

    SHA512

    82e7390383c0b566078546d10a5f319a636fb695a85cdf90727122bd9c2fb4a632ed261a8ca0eebc2052ba98abfb0b971929e946cf4489a7c8b936fdb0589d40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52295c551dcffd8b6e9e2c538b8b6723

    SHA1

    4c2e025d37e72138d7b4285f1d34f08fae1f067b

    SHA256

    12cc00781a65cc0fdca33e7af8dfd7a02c73165e0c0a0a1f3cbb26d6627525e7

    SHA512

    1fea9cd4a7409ca54a3d77c24eb110f32defa83565f0eada0c0dfd7016d366d1dba4a9343fb36651c2d76ff2956a25ffcbd9a19f5f6d021336b9cc793c35086c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a47ed1f645b926b943482ee8d3fe8d95

    SHA1

    42b750f60f76190b1a7abf36e0d83cabf5fc741c

    SHA256

    9b89afb2b189a8478a708424f3f1d628fe5e3b9ee4a0a85907b5e827da2f2d65

    SHA512

    f4b05c32df13bbd508d7e879c59bf0885c0620b4dc8dd770f867350b647edbf2d2d5e40122c3ffecdd4e194cd1b76293d143cb4959c91e4857ab8c87058fd442

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4577de01ceff3f6f28e111da932ce646

    SHA1

    e759b8d2c2cc5920ebe54ad7a7244c0bc6258789

    SHA256

    39379861bba148703575b446911a3e2d5bd2fcf0ff643c416b06289da8887ee8

    SHA512

    0f864725fe95267225b6ac96b0e29be7b7099adc9f055408f8a7fb24a311e48142cf85ddcdfaa0a20146cc67e33d5a25513bd3f6510e82ec1c0859af53f653fe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE9D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDF00.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2512-0-0x0000000010000000-0x0000000010010000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2512-12-0x00000000003F0000-0x00000000003F2000-memory.dmp

    Filesize

    8KB

    Download